[Rt-commit] rt branch, 4.4/ldapimport-connect-options, created. rt-4.4.2-102-ge094b4684

[? sunnavy]

The branch, 4.4/ldapimport-connect-options has been created
        at  e094b4684290afae3fb5d48da5479c1022bd1fe7 (commit)

- Log -----------------------------------------------------------------
commit 4c288fce0f42427d306347bc8e6c72bb0df18537
Author: Jim Brandt <jbrandt at bestpractical.com>
Date:   Wed May 3 17:05:13 2017 -0400

    Provide a way to pass more options to Net::LDAP

diff --git a/lib/RT/LDAPImport.pm b/lib/RT/LDAPImport.pm
index bd731db88..8ea08b07c 100644
--- a/lib/RT/LDAPImport.pm
+++ b/lib/RT/LDAPImport.pm
@@ -68,6 +68,12 @@ RT::LDAPImport - Import Users from an LDAP store
 In C<RT_SiteConfig.pm>:
 
     Set($LDAPHost,'my.ldap.host');
+    Set($LDAPOptions, [ port    => 636,
+                        scheme  => 'ldaps',
+                        raw     => qr/(\;binary)/,
+                        version => 3,
+                        verify  => 'required',
+                        cafile  => '/certificate-file/path' ]);
     Set($LDAPUser,'me');
     Set($LDAPPassword,'mypass');
     Set($LDAPBase, 'ou=People,o=Our Place');
@@ -107,6 +113,11 @@ advanced options.
 
 Hostname or ldap(s):// uri:
 
+=item C<< Set($LDAPOptions, [ port => 636 ]); >>
+
+This allows you to pass any options supported by the L<Net::LDAP>
+new method.
+
 =item C<< Set($LDAPUser, 'uid=foo,ou=users,dc=example,dc=com'); >>
 
 Your LDAP username or DN. If unset, we'll attempt an anonymous bind.
@@ -365,10 +376,11 @@ utility in openldap can be very helpful while refining your filters.
 
 =head2 connect_ldap
 
-Relies on the config variables C<$LDAPHost>, C<$LDAPUser> and C<$LDAPPassword>
-being set in your RT Config files.
+Relies on the config variables C<$LDAPHost>, C<$LDAPOptions>, C<$LDAPUser>,
+and C<$LDAPPassword> being set in your RT Config files.
 
- Set($LDAPHost,'my.ldap.host')
+ Set($LDAPHost,'my.ldap.host');
+ Set($LDAPOptions, [ port => 636 ]);
  Set($LDAPUSER,'me');
  Set($LDAPPassword,'mypass');
 
@@ -382,7 +394,9 @@ LDAPHost can be a hostname or an ldap:// ldaps:// uri.
 sub connect_ldap {
     my $self = shift;
 
-    my $ldap = Net::LDAP->new($RT::LDAPHost);
+    $RT::LDAPOptions = [] unless $RT::LDAPOptions;
+    my $ldap = Net::LDAP->new($RT::LDAPHost, @$RT::LDAPOptions);
+
     $RT::Logger->debug("connecting to $RT::LDAPHost");
     unless ($ldap) {
         $RT::Logger->error("Can't connect to $RT::LDAPHost");
diff --git a/t/ldapimport/user-import.t b/t/ldapimport/user-import.t
index aafbd954d..4092a1c1c 100644
--- a/t/ldapimport/user-import.t
+++ b/t/ldapimport/user-import.t
@@ -43,6 +43,7 @@ $ldap->add(
 
 
 RT->Config->Set('LDAPHost',"ldap://localhost:$ldap_port");
+RT->Config->Set('LDAPOptions', [ port => $ldap_port ]);
 RT->Config->Set('LDAPMapping',
                    {Name         => 'uid',
                     EmailAddress => 'mail',

commit e094b4684290afae3fb5d48da5479c1022bd1fe7
Author: Jim Brandt <jbrandt at bestpractical.com>
Date:   Fri Feb 2 17:01:18 2018 -0500

    Provide more debug output on connect failure

diff --git a/lib/RT/LDAPImport.pm b/lib/RT/LDAPImport.pm
index 8ea08b07c..c4cd3be77 100644
--- a/lib/RT/LDAPImport.pm
+++ b/lib/RT/LDAPImport.pm
@@ -399,7 +399,7 @@ sub connect_ldap {
 
     $RT::Logger->debug("connecting to $RT::LDAPHost");
     unless ($ldap) {
-        $RT::Logger->error("Can't connect to $RT::LDAPHost");
+        $RT::Logger->error("Can't connect to $RT::LDAPHost $@");
         return;
     }
 

-----------------------------------------------------------------------